Configure Network Exceptions to Ensure Connectivity in Shift4 Venue

Article author
Edward Andrews
  • Updated

Description: Learn to configure firewalls and content filters with the network ports, IP addresses, and endpoints required for Shift4 Venue and its connected services to operate without interruption. This article is intended for IT teams and venue operators.

Shift4 Venue Network Allow List

Note: This list requires the use of wildcard URLs - if wildcard is not allowed, your project manager can provide you with specific URLs associated with your Instance to run transactions, however, images are passed through AWS and URLs are subject to change so no specific URLs will be provided for assets. 

Core Port Requirements

Port Protocol Direction Description
443 TCP Outbound HTTPS/TLS secure connections; SSL/TLS is terminated at the load balancer.
80 TCP Outbound HTTP traffic automatically redirects to HTTPS.
9100 TCP LAN Required for local printing from iOS tablets to network printers.
3289 UDP LAN Required for local printing from iOS tablets to network printers.

AWS Endpoints

Service Hostname / FQDN Port Protocol
EC2 Instances *.amazonaws.com 443 TCP

Note: IP addresses for AWS resources can change without notice. Allowlisting by FQDN is required.

Backend API Endpoints

Service Hostname / FQDN IP Address(es) Port Protocol
POS & End-User Tools *.ordernext.com Various (ELB) 443 TCP
Back-Office & Cloud Services *.vnops.net Various (ELB) 443 TCP
WebSocket *.venuenext.net Various (ELB) 443 TCP
Pusher WebSocket ws.pusherapp.com Various 443 TCP
Pusher SockJS sockjs.pusherapp.com Various 443 TCP
ws-mt1.pusher.com ws-mt1.pusher.com Various 443 TCP
ws-us2.pusher.com ws-us2.pusher.com Various 443 TCP
ws-us3.pusher.com ws-us3.pusher.com Various 443 TCP
sockjs-mt1.pusher.com sockjs-mt1.pusher.com Various 443 TCP
sockjs-us2.pusher.com sockjs-us2.pusher.com Various 443 TCP
sockjs-us3.pusher.com sockjs-us3.pusher.com Various 443 TCP
Datadog Monitoring *.datadoghq.com Various 443 TCP
Speed Test fast.com Various 443 TCP

Note: Pusher and SockJS require inbound and outbound allowances

Hardware Endpoints

PAX Devices

Category Hostname / FQDN IP Address(es) Port Protocol
Device Management t.paxstore.us 3.141.250.74, 18.119.60.30 9080 TCP
Push Notifications mpush1.paxstore.us 52.14.42.201 3000 TCP
Push Notifications mpush2.paxstore.us 3.23.55.207 3000 TCP
Device Logging pl.paxstore.us 3.141.250.74, 18.119.60.30 6370 TCP
Remote App Store paxras.whatspos.com Various 443 TCP
Payments (UTG) utg.shift4api.net Various 443 TCP
Remote Viewer posviewer1.paxsaas.com Various 8089 TCP
Remote Viewer posviewer2.paxsaas.com Various 8089 TCP
Remote Viewer posviewer3.paxsaas.com Various 8089 TCP
Remote Viewer posviewer4.paxsaas.com Various 8089 TCP
Remote Viewer posviewer5.paxsaas.com Various 8089 TCP
Remote Viewer posviewer6.paxsaas.com Various 8089 TCP
Remote Support teamviewer.com Various 5938 TCP
Key Injection rki.pax.us Various 33519 TCP
Time Sync NTP Servers Various 123 UDP
Log Shipping 216.238.144.197 216.238.144.197 22 TCP
Device Management L1400 to A3700 Various 65201 UDP
Device Management A3700 to L1400 Various 65202 UDP

Elo Devices

Note: For EloView 4 devices, refer to the EloView 4 Network Requirements article for network configuration details.

Category Hostname / FQDN IP Address(es) Port Protocol
Device Management io.eloview.com Various 443 TCP
Management Console manage.eloview.com Various 443 TCP
Content Delivery content.eloview.com Various 443 TCP
Device API device.eloview.com Various 443 TCP
Data Queue dsq.eloview.com Various 443 TCP
Time Sync 2.android.pool.ntp.org Various 123 UDP

Payment Gateway Endpoints

Shift4

Service Hostname / FQDN IP Address(es) Port Protocol
UTG utg.shift4api.net Various 443 TCP

SkyTab 

Hostname / FQDN Port(s) Protocol
api.paxstore.us 443 TCP
bootstrap.echo.harbortouch.com 443 TCP
clientsdk.launchdarkly.com 443 TCP
clientstream.launchdarkly.com 443 TCP
harbortouch-lighthouse-backups.s3.amazonaws.com 443 TCP
lighthouse-api.harbortouch.com 443 TCP
logs.browser-intake-datadoghq.com 443 TCP
logs.us-east-1.amazonaws.com 443 TCP
mobile.launchdarkly.com 443 TCP
o629216.ingest.sentry.io 443 TCP
*.sentry.io 443 TCP
rum.browser-intake-datadoghq.com 443 TCP
server1.heartbeat.harbortouch.com 80/443 TCP
server2.heartbeat.harbortouch.com 80/443 TCP
server3.heartbeat.harbortouch.com 80/443 TCP
shift4-lighthouse.s3.amazonaws.com 443 TCP
paxstore.us 443 TCP

Lighthouse Business Manager

Hostname / FQDN Port Protocol
epro-stats.harbortouch.com 5672 TCP
epro-mq.harbortouch.com 5672 TCP
mq1.shift4payments.com – mq20.shift4payments.com 5672 TCP
lighthouse-api.harbortouch.com 443 TCP
bootstrap.echo.harbortouch.com 443 TCP

Was this article helpful?

2 out of 4 found this helpful

Have more questions? Submit a request

Related articles

Comments

0 comments

Please sign in to leave a comment.